OpenShift + Jenkins + Bitbucket, continuous integration and publishing out of the box
In this article, I will show how to quickly deploy an environment for building, testing, and publishing applications using the OpenShift platform using the example of a PHP project. I will use OpenShift online, but all this can also be deployed on your own servers or in VirtualBox (there is a ready-made assembly). Bitbucket will be the Git server for storing and versioning the code.
After successful registration in the system, a free account gets a place on the servers and the ability to create up to three containers working in conjunction. As well as domain names in the rhcloud.com domain, application-username.rhcloud.com . This is quite enough for testing and experiments. Although I deployed a PHP container, OpenShift allows you to deploy many other applications and frameworks in the same way. And nothing prevents Bitbucket from using GitHub or any other version control system. Inside the cloud docker container is spinning, access to which can be obtained using the OpenShift Client Tools , but for the basic settings, the web interface is also enough.
Let's get started Create a
Jenkins Server container with default parameters and the name jenkins . Add application → Jenkins Server → Create Application . This container will manage the builds and publication of the application. The public URL then will be jenkins-username.rhcloud.com , at this URL you can access the Jenkins web interface.
Go to the web interface of Jenkis and in the settings, install the update plug-ins, and the additional plug-in "Bitbucket Plugin" with dependencies. It will allow you to customize the assembly of the project on the trigger - webhook. Initially, the list of plugins is empty, because:
Jenkins → → , we ask you to check for updates. After installation, we overload Jenkins.
')
In OpenShift, we create a container of the desired type of application, in our case PHP 5.4. It’s strange that it’s too old when you deploy a new OpenShift on your servers a much fresher version and more options.
His name will be php - it will determine the URL of the container and the names of the dependent settings.
In the properties of the container, we include integration with Jenkins.
The integration will create a php-build task with the necessary settings in Jenkins, which we will further configure. On the master node, the builds are disabled by default (the number of collectors = 0), in principle, you can fix it, but it will not publish the application - there are not enough utilities in the base container. Quite possibly, this can be corrected by digging into the container with your hands (and head).
Go to the settings of the php-build task in Jenkins. It is already configured for an assembly on the container-collector and publication in the php container, but we need to connect bitbucket. By default, git is connected in a container and, in principle, you can work with it.
So:
Where the URL is the same as in the “clone / https” bitbucket option. If the repository is closed, then you need to add authorization parameters (
Credentials → Add , Jenkins provider).
Where are specified the parameters of the authorization bitbucket-a.
Jenkins can work with ssh keys, but the restrictions of the OpenShift container interfere with it, and the keys and permission to access the bitbucket host cannot be saved. Perhaps the problem can be solved reliably by digging inside the jenkins container.
Below, in the "Branches to build" field, indicate the branch that will be collected. It makes sense to specify the master explicitly (* / master).
In the fields “assembly triggers” we enable the options for which the project will be built automatically. You can do this by webhook; together with other projects; periodically poll git for changes and, if they exist, collect; or just on schedule.
In this case, two options are included and, besides the webhook, updates will be checked every 10 minutes.
In the settings
→ shell , the template for assembling, checking and publishing the project to the php container is already filled.
Something like this:
source $OPENSHIFT_CARTRIDGE_SDK_BASH alias rsync="rsync --delete-after -azS -e '$GIT_SSH'" upstream_ssh="ID@php-${OPENSHIFT_NAMESPACE}.rhcloud.com" # remove previous metadata, if any rm -f $OPENSHIFT_HOMEDIR/app-deployments/current/metadata.json if ! marker_present "force_clean_build"; then # don't fail if these rsyncs fail set +e rsync $upstream_ssh:'$OPENSHIFT_BUILD_DEPENDENCIES_DIR' $OPENSHIFT_BUILD_DEPENDENCIES_DIR rsync $upstream_ssh:'$OPENSHIFT_DEPENDENCIES_DIR' $OPENSHIFT_DEPENDENCIES_DIR set -e fi # Build/update libs and run user pre_build and build gear build # Run tests here echo "OK or not OK, that is the qestion ;)"; # Deploy new build # Stop app $GIT_SSH $upstream_ssh "gear stop --conditional --exclude-web-proxy --git-ref $GIT_COMMIT" deployment_dir=`$GIT_SSH $upstream_ssh 'gear create-deployment-dir'` # Push content back to application rsync $OPENSHIFT_HOMEDIR/app-deployments/current/metadata.json $upstream_ssh:app-deployments/$deployment_dir/metadata.json rsync --exclude .git $WORKSPACE/ $upstream_ssh:app-root/runtime/repo/ rsync $OPENSHIFT_BUILD_DEPENDENCIES_DIR $upstream_ssh:app-root/runtime/build-dependencies/ rsync $OPENSHIFT_DEPENDENCIES_DIR $upstream_ssh:app-root/runtime/dependencies/ # Configure / start app $GIT_SSH $upstream_ssh "gear remotedeploy --deployment-datetime $deployment_dir"
After the comment “
# Run tests here ”, you need to insert some assembly verification code, according to the results of which either go ahead and publish, or print an error and exit.
All operations are performed in the collector container in its environment and its utilities. This may impose restrictions on opportunities. In general, when you deploy your own Jenkins server, there is more opportunity and control. And for integration with OpenShift, you can use the rhc utilities and the corresponding Jenkins plugins (hostess note).
Save, and you can run the assembly. In this case, Jenkins initiates the creation of a container-collector in the OpenShift cloud with the name phpbldr , to which the task is configured. There is a nuance: the container rises for a long time and, sometimes, the assembly task is removed without waiting for the collector. But, if you run the assembly again, then everything will go right away on the ready assembler. The project properties have the “Builder Timeout” parameter, but it’s about domain names, not about that. There are options for delayed assembly and the number of attempts, but they also do not help.
In the system settings of Jenkins, you can increase the lifetime of the collector (default is 15 minutes):
The maximum limit of 60 minutes is nailed. It is imperative that in the cloud, at the time of assembly, there was a free slot for a new container.
To set up an assembly by webhook, you need to include in the project property in bitbucket:
Settings → webhooks → add webhook and specify the URL of the Jenkins container in the form:
https://jenkins-username.rhcloud.com/bitbucket-hook/ , (the end of bitbucket-hook / is just the trigger of the webhook). In the settings you can select options for which it works. Apparently, all projects in Jenkins will be twitching in which integration with bitbucket is indicated, but if there were no changes in the source codes, the assembly will not run.
Thus, the commit will automatically start the assembly and publication of the project.
You can check webhook work in the “BitBucket Hook Log” task in Jenkins.
After a successful build, the project is published to the php container and you can enjoy the result at the public URL:
http://php-username.rhcloud.com/ .
As a result, we got our lunopark for testing and publishing projects. And if all this is deployed on its own capacities, then it is also without restrictions, and with additions.
Thanks for attention.
Source: https://habr.com/ru/post/313146/
All Articles